5023: Verification of LDAPS servers with non-public certificates not possible anymore with docker image beanbag/reviewboard:6.0 and above


What version are you running?


What's the URL of the page containing the problem?


What steps will reproduce the problem?

  1. Configure LDAP auth to a server that uses a non-public certificate
  2. Add certificate to system-wide certificate store
  3. Try to login

What is the expected output? What do you see instead?

Expected: Login successful.
Seen: Error in RB log output: Error authenticating with LDAP: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': [], 'info': '(unknown error code)'}

What operating system are you using? What browser?

Docker image beanbag/reviewboard:6.0.2

Please provide any additional information below.

see https://groups.google.com/g/reviewboard/c/nMsySlScboY/m/3NlyJw4wAwAJ

Solution proposal

Add apt-get install libldap-common to Dockerfile, so the package gets installed explicitly and LDAP client uses system-wide certificate store again.
Note: https://hellosplat.com/s/beanbag/tickets/1919 may be then closed as well.

#1 fmiedniak-abb

Review request: https://reviews.reviewboard.org/r/13614/